code-slop
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted data in the form of code diffs. It possesses the capability to modify or delete code logic (specifically removing defensive checks).
- Ingestion points: Processes git diffs between branches.
- Boundary markers: Absent; the prompt does not specify delimiters for the code being analyzed.
- Capability inventory: Capability to modify/write code files via the agent's environment.
- Sanitization: Absent; there is no explicit validation of the code content before modification.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations were identified.
- [Unverifiable Dependencies] (SAFE): The skill does not reference or install any external packages or remote scripts.
- [No Code] (SAFE): This is a logic-only skill consisting solely of natural language instructions without associated executable files.
Audit Metadata